﻿using IdentityServer4;
using IdentityServer4.Models;
using IdentityServer4.Test;

namespace XxSystem.UsersServer.Tests
{
    public class Ids4Config
    {
        public static IEnumerable<IdentityResource> GetIdentityResources()
        {
            return new List<IdentityResource>
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile(),
                new IdentityResources.Email(),
            };
        }
        public static IEnumerable<ApiScope> GetApiScopes()
        {
            return new List<ApiScope>
            {
                // backward compat
                new ApiScope("api"),
                new ApiScope("api.scope1"),
                new ApiScope("api.scope2")

            };
        }
        public static IEnumerable<ApiResource> GetApis()
        {
            return new List<ApiResource>
            {
                new ApiResource("api", "Demo API")
                {
                    ApiSecrets = { new Secret("secret".Sha256()) },

                    Scopes = { "api", "api.scope1", "api.scope2" }
                }
            };
        }
        public static IEnumerable<Client> GetClients()
        {
            return new List<Client>
            {
                new Client
                {
                    ClientId = "ro.client",
                    AllowedGrantTypes = GrantTypes.Code,
                    ClientSecrets =
                    {
                        new Secret("secret".Sha256())
                    },
                    // 是否需要确认授权，这个配置我们会在后面介绍，这里设置为 false
                        RequireConsent = false,
 
                        // 这个参数必须设置 为 false
                        RequirePkce= false,

                      //指定允许令牌或授权码返回的地址（URL）
                    RedirectUris={ "https://localhost:7136/signin-oidc", "https://localhost:7136/signin-oidc" },
                    //指定允许注销后返回的地址(URL)，这里写两个客户端
                    PostLogoutRedirectUris={ "https://localhost:7136/signout-callback-oidc", "https://localhost:7136/signout-callback-oidc" },
                    AllowedScopes = {
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "api" },
                    AllowAccessTokensViaBrowser = true,
                    AlwaysIncludeUserClaimsInIdToken = true
                },
                // non-interactive
                new Client
                {
                    ClientId = "m2m",
                    ClientName = "Machine to machine (client credentials)",
                    ClientSecrets = { new Secret("secret".Sha256()) },

                    AllowedGrantTypes = GrantTypes.ClientCredentials,
                    AllowedScopes = { "api", "api.scope1", "api.scope2" },
                }
            };
        }
        public static List<TestUser> GetUsers()
        {
            return new List<TestUser>()
            {
                new TestUser
                {
                    SubjectId="1",
                    Username="ailisi",
                    Password="password",
                },
                new TestUser
                {
                    SubjectId="2",
                    Username="博德",
                    Password="password"
                }
            };
        }
    }
}
